Privacy Policy
Last updated: 26 June 2026
Stopa ("we", "us", "the app") is an iOS application that takes a training plan you already have and pushes the workouts to your watch. This Privacy Policy explains what data we collect, why, where it is stored, and the choices you have. We collect the minimum we need to make the app work, and we do not sell your data or use it for advertising.
If you have any questions, contact us at hello@stopa.app.
Who we are
Stopa is built and operated independently from Czechia (European Union). For the purposes of the EU General Data Protection Regulation (GDPR), the data controller is the operator of Stopa, reachable at hello@stopa.app.
What data we collect
We collect only what is needed to deliver the app's core function — importing your training plan and syncing it to your Apple Watch.
Account data. When you sign in with Apple, we receive a Stopa-specific identifier and, if you choose to share it, your email address and name. We use Apple Sign-In as the only sign-in method; we never see or store your Apple password.
Training plans you import. The plan text, files, or pasted content you bring into Stopa, and the structured workouts we derive from it (titles, dates, durations, distances, targets, and any notes you add).
Health & fitness data (Apple Health). With your explicit permission, Stopa reads completed workouts from Apple Health to match them against your planned workouts. Depending on the activity, this can include workout type, start time, duration, distance, average heart rate, pace, and power. Stopa's access to Apple Health is read-only — we never write to Apple Health.
Basic diagnostics. If the app crashes, we receive a crash report (stack trace and device/OS version) to fix the problem. Crash reports are scrubbed of personal content — we do not include your health values, plan content, or email in them.
We do not collect your location, contacts, photos, browsing history, or advertising identifiers.
How we use your data
- To authenticate you and keep you signed in.
- To parse your imported plan into structured workouts and schedule them on your Apple Watch.
- To match completed Apple Health workouts against your planned workouts so you can see your progress.
- To diagnose and fix crashes.
We use your data for app functionality only. We do not use it for marketing, profiling, or advertising, and we do not track you across other apps or websites.
How your plan is processed (AI parser)
To turn a free-form plan into structured workouts, Stopa uses a two-step parser that runs on our backend. Most plans are handled by deterministic pattern matching. When part of a plan is ambiguous, that portion of the plan text may be sent to Anthropic's Claude API to interpret it. Only the relevant plan text is sent for this purpose — never your health data, email, or account identifiers. Anthropic processes this text to return structured output and does not use it to train their models.
Where your data is stored
Your account and plan data are stored using Supabase, hosted in the European Union (Frankfurt, Germany). Data is encrypted in transit (HTTPS/TLS) and at rest. Access is restricted by per-user database security rules so that you can only access your own data.
Apple Health
Health data accessed from Apple Health is used solely to show you your training progress inside Stopa. In line with Apple's requirements:
- We never use Apple Health data for advertising or marketing.
- We never sell Apple Health data or share it with data brokers.
- We only read the workout data needed to match your sessions.
You can review or revoke Stopa's Health permissions at any time in Settings → Health → Data Access & Devices → Stopa on your iPhone.
Third-party watch and fitness services
If you choose to connect a third-party watch or fitness service, Stopa will, at your request, send your planned structured workouts to that service so they appear on your watch, and read back your completed activities to match them against your plan. We share only the data needed for this — your scheduled workouts, and activity summary metrics (date, sport, distance, duration, average heart rate and pace) — never your account credentials. The connection uses the provider's secure authorisation (OAuth); access tokens are stored encrypted on our backend, are never placed on your device, and are revoked when you disconnect the service or delete your account. Each provider's own privacy policy governs how they handle your data once it reaches them. This applies only if you actively connect such a service; by default Stopa syncs only to your Apple Watch.
Your rights
You can, at any time:
- Access and export your data by contacting hello@stopa.app.
- Delete your account and data directly in the app via Settings → Account → Delete account. This permanently removes your plans, workouts, and notes from our database.
- Withdraw permissions (Apple Health, notifications) in iOS Settings.
Under GDPR you also have the right to rectification, restriction, objection, and to lodge a complaint with your local data protection authority.
Data retention
We keep your data for as long as your account is active. When you delete your account, your training data is removed from our database. Crash reports are retained for a limited period for debugging and then discarded.
Children
Stopa is not directed at children. You must be at least 13 years old (or the minimum age of digital consent in your country) to use the app.
Changes to this policy
We may update this policy as the app evolves. Material changes will be reflected by the "Last updated" date at the top of this page.
Contact
Questions about privacy or your data: hello@stopa.app.